This first alpha release is based on early Snort 2.9.6 and excludes all but one of Snort’s dynamic preprocessors (ftp_telnet). Work is underway to
port that functionality and sync with 2.9.7; those updates will be rolled out as they become available.
+ Project = Snort++
+ Binary = snort
+ Version = 3.0.0-a1

* To build with autotools, simply do the usual from the top level directory:

./configure –prefix=$my_path
make -j 8 install

* To build with cmake and make, run configure_cmake.sh. It will
automatically create and populate a new subdirectory named ‘build’.

./configure_cmake.sh –prefix=$my_path
cd build
make -j 8 install

Note:

* If you are using autotools with a github clone, first do autoreconf -isvf.
* If you can do src/snort -V you built successfully.
* If you are familiar with cmake, you can run cmake/ccmake instead of
configure_cmake.sh.
* cmake –help will list any available generators, such as Xcode. Feel
free to use one, however help with those will be provided separately.

RUN SNORT

First set up the environment:
export LUA_PATH=$my_path/include/snort/lua/\?.lua\;\;
export SNORT_LUA_PATH=$my_path/etc/snort

Then give it a go:
* Snort++ provides lots of help from the command line. Here are some examples:
$my_path/bin/snort –help
$my_path/bin/snort –help-module suppress
$my_path/bin/snort –help-config | grep thread

* Run IDS mode. In the following, replace pcaps/ with a path to a directory
with one or more *.pcap files:
$my_path/bin/snort -c $my_path/etc/snort/snort.lua -R $my_path/etc/snort/sample.rules \
-r a.pcap -A alert_test -n 100000